The Remote Administration service contains a buffer overflow condition that could allow an attacker to launch a denial of service attack against the system, or possibly inject code into the operating system for execution.

Because of inproper connection clean up, it is possible to saturate such a system with connections to a point where the system will stop responding on the network.

DEMONSTRATION

This is a simple script, which left to run for some time, would probably kill Netware"s TCP/IP stack. Change $SERVER and $PORT before using this to test your servers for the vulnerability.